mtls-configuration

skills-sh:wshobson_agents__mtls-configuration

View source

76/100

First Seen

Feb 18, 2026

Last Scanned

Feb 20, 2026

Findings

Score

76/100

MEDIUM 3

Findings (3)

MEDIUM

Kubernetes service discovery SSRF_003

ssrf-cloud L175

Detects Kubernetes internal service URLs and secret paths

.svc.cluster.local

FIX

Validate and sanitize all user-provided URLs before making server-side requests. Resolve DNS and verify the IP is not in a private range before connecting.

FP?

Likely FP if the URL fetch is for a well-known public API endpoint that is hardcoded (not user-controlled) in the tool configuration.

MEDIUM

Kubernetes service discovery SSRF_003

ssrf-cloud L180

Detects Kubernetes internal service URLs and secret paths

.svc.cluster.local

FIX

Validate and sanitize all user-provided URLs before making server-side requests. Resolve DNS and verify the IP is not in a private range before connecting.

FP?

Likely FP if the URL fetch is for a well-known public API endpoint that is hardcoded (not user-controlled) in the tool configuration.

MEDIUM

Kubernetes service discovery SSRF_003

ssrf-cloud L310

Detects Kubernetes internal service URLs and secret paths

.svc.cluster.local

FIX

Validate and sanitize all user-provided URLs before making server-side requests. Resolve DNS and verify the IP is not in a private range before connecting.

FP?

Likely FP if the URL fetch is for a well-known public API endpoint that is hardcoded (not user-controlled) in the tool configuration.